Skip to content
Permalink
Browse files

Merge pull request #15 from iwarapter/master

[JENKINS-38830] Added support for tracking credentials.
  • Loading branch information...
stephenc committed Nov 1, 2016
2 parents fd42f5e + 3e65181 commit f38bb5f22feafb6389093b329e726f41bff3f9de
@@ -122,7 +122,7 @@
<dependency>
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>credentials</artifactId>
<version>2.1.0</version>
<version>2.1.1</version>
</dependency>
<dependency>
<groupId>org.jenkins-ci.plugins</groupId>
@@ -204,6 +204,7 @@ public void preCheckout(AbstractBuild build, Launcher launcher, BuildListener li
SSHUserPrivateKey.class,
build
);
CredentialsProvider.track(build, c);
if (c == null && !ignoreMissing) {
IOException ioe = new IOException(Messages.SSHAgentBuildWrapper_CredentialsNotFound());
ioe.printStackTrace(listener.fatalError(""));
@@ -142,6 +142,7 @@ private void initRemoteAgent() throws IOException {
List<SSHUserPrivateKey> userPrivateKeys = new ArrayList<SSHUserPrivateKey>();
for (String id : new LinkedHashSet<String>(step.getCredentials())) {
final SSHUserPrivateKey c = CredentialsProvider.findCredentialById(id, SSHUserPrivateKey.class, build);
CredentialsProvider.track(build, c);
if (c == null && !step.isIgnoreMissing()) {
listener.fatalError(Messages.SSHAgentBuildWrapper_CredentialsNotFound());
}
@@ -2,8 +2,10 @@

import com.cloudbees.jenkins.plugins.sshcredentials.SSHUserPrivateKey;
import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
import hudson.model.Fingerprint;
import hudson.model.FreeStyleProject;
import hudson.model.Result;
import hudson.tasks.Shell;
@@ -13,8 +15,15 @@
import org.junit.Rule;
import org.junit.Test;
import org.jvnet.hudson.test.BuildWatcher;
import org.jvnet.hudson.test.Issue;
import org.jvnet.hudson.test.JenkinsRule;

import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.core.IsCollectionContaining.hasItem;
import static org.hamcrest.core.IsNull.notNullValue;
import static org.hamcrest.core.IsNull.nullValue;

public class SSHAgentBuildWrapperTest extends SSHAgentBase {

@Rule
@@ -138,4 +147,43 @@ public void sshAgentWithInvalidCredentials() throws Exception {

stopMockSSHServer();
}

@Issue("JENKINS-38830")
@Test
public void testTrackingOfCredential() throws Exception {
startMockSSHServer();

List<String> credentialIds = new ArrayList<String>();
credentialIds.add(CREDENTIAL_ID);

SSHUserPrivateKey key = new BasicSSHUserPrivateKey(CredentialsScope.GLOBAL, credentialIds.get(0), "cloudbees",
new BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(getPrivateKey()), "cloudbees", "test");
SystemCredentialsProvider.getInstance().getCredentials().add(key);
SystemCredentialsProvider.getInstance().save();

Fingerprint fingerprint = CredentialsProvider.getFingerprintOf(key);
assertThat("No fingerprint created until first use", fingerprint, nullValue());

FreeStyleProject job = r.createFreeStyleProject();

SSHAgentBuildWrapper sshAgent = new SSHAgentBuildWrapper(credentialIds, false);
job.getBuildWrappersList().add(sshAgent);

Shell shell = new Shell("set | grep SSH_AUTH_SOCK "
+ "&& ssh-add -l "
+ "&& ssh -o NoHostAuthenticationForLocalhost=yes -o StrictHostKeyChecking=no -p " + getAssignedPort()
+ " -v -l cloudbees " + SSH_SERVER_HOST);
job.getBuildersList().add(shell);

r.assertBuildStatusSuccess(job.scheduleBuild2(0));

fingerprint = CredentialsProvider.getFingerprintOf(key);
assertThat(fingerprint, notNullValue());
assertThat(fingerprint.getJobs(), hasItem(is(job.getFullName())));
Fingerprint.RangeSet rangeSet = fingerprint.getRangeSet(job);
assertThat(rangeSet, notNullValue());
assertThat(rangeSet.includes(job.getLastBuild().getNumber()), is(true));

stopMockSSHServer();
}
}
@@ -2,9 +2,13 @@

import com.cloudbees.jenkins.plugins.sshcredentials.SSHUserPrivateKey;
import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
import com.cloudbees.plugins.credentials.domains.Domain;
import hudson.Util;
import hudson.model.Fingerprint;
import hudson.util.Secret;
import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition;
import org.jenkinsci.plugins.workflow.cps.CpsFlowExecution;
import org.jenkinsci.plugins.workflow.job.WorkflowJob;
@@ -15,6 +19,7 @@
import org.junit.Test;
import org.junit.runners.model.Statement;
import org.jvnet.hudson.test.BuildWatcher;
import org.jvnet.hudson.test.Issue;
import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.RestartableJenkinsRule;

@@ -24,6 +29,10 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.core.IsCollectionContaining.hasItem;
import static org.hamcrest.core.IsNull.notNullValue;
import static org.hamcrest.core.IsNull.nullValue;
import static org.junit.Assert.*;

public class SSHAgentStepWorkflowTest extends SSHAgentBase {
@@ -141,4 +150,45 @@ public void evaluate() throws Throwable {

}

@Issue("JENKINS-38830")
@Test
public void testTrackingOfCredential() {


story.addStep(new Statement() {
@Override
public void evaluate() throws Throwable {
startMockSSHServer();

List<String> credentialIds = new ArrayList<String>();
credentialIds.add(CREDENTIAL_ID);

SSHUserPrivateKey key = new BasicSSHUserPrivateKey(CredentialsScope.GLOBAL, credentialIds.get(0), "cloudbees",
new BasicSSHUserPrivateKey.DirectEntryPrivateKeySource(getPrivateKey()), "cloudbees", "test");
SystemCredentialsProvider.getInstance().getCredentials().add(key);
SystemCredentialsProvider.getInstance().save();

Fingerprint fingerprint = CredentialsProvider.getFingerprintOf(key);

WorkflowJob job = story.j.jenkins.createProject(WorkflowJob.class, "sshAgentAvailable");
job.setDefinition(new CpsFlowDefinition(""
+ "node {\n"
+ " sshagent (credentials: ['" + CREDENTIAL_ID + "']) {\n"
+ " sh 'ls -l $SSH_AUTH_SOCK && ssh -o StrictHostKeyChecking=no -p " + getAssignedPort() + " -v -l cloudbees " + SSH_SERVER_HOST + "'\n"
+ " }\n"
+ "}\n", true)
);

assertThat("No fingerprint created until first use", fingerprint, nullValue());

story.j.assertBuildStatusSuccess(job.scheduleBuild2(0));

fingerprint = CredentialsProvider.getFingerprintOf(key);
assertThat(fingerprint, notNullValue());
assertThat(fingerprint.getJobs(), hasItem(is(job.getFullName())));

stopMockSSHServer();
}
});
}
}

0 comments on commit f38bb5f

Please sign in to comment.
You can’t perform that action at this time.